You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2022/03/29 21:58:45 UTC
[tomcat] branch 8.5.x updated: Keep format consistent with X509Certificate.getSubjectDN().getName()
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 79074de Keep format consistent with X509Certificate.getSubjectDN().getName()
79074de is described below
commit 79074de8f2ee18d32e4d22109bf10a45eb6022ed
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Mar 29 22:58:04 2022 +0100
Keep format consistent with X509Certificate.getSubjectDN().getName()
---
java/org/apache/catalina/realm/X509SubjectDnRetriever.java | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/catalina/realm/X509SubjectDnRetriever.java b/java/org/apache/catalina/realm/X509SubjectDnRetriever.java
index 1602c91..d342154 100644
--- a/java/org/apache/catalina/realm/X509SubjectDnRetriever.java
+++ b/java/org/apache/catalina/realm/X509SubjectDnRetriever.java
@@ -18,6 +18,8 @@ package org.apache.catalina.realm;
import java.security.cert.X509Certificate;
+import javax.security.auth.x500.X500Principal;
+
/**
* An X509UsernameRetriever that returns a certificate's entire
* SubjectDN as the username.
@@ -26,6 +28,6 @@ public class X509SubjectDnRetriever implements X509UsernameRetriever {
@Override
public String getUsername(X509Certificate clientCert) {
- return clientCert.getSubjectX500Principal().getName();
+ return clientCert.getSubjectX500Principal().getName(X500Principal.RFC1779);
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org